function DB_unlock($contest, $str, $c = null) { if ($contest <= 0) { return false; } if (($ct = DBContestInfo($contest, $c)) == null) { return false; } if (strlen($ct['contestunlockkey']) > 1) { $ar = explode(',', $ct['contestkeys']); foreach ($ar as $key) { if (substr($key, 0, 10) == substr($str, 0, 10)) { $pass = decryptData(substr($key, 15), $ct['contestunlockkey'], 'db_unlock'); if (substr($pass, 0, 5) != '#####') { continue; } $str2 = decryptData($str, $pass, 'db_unlock2'); if ($str2 == '') { continue; } return $str2; } } } return false; }
</div> </nav> <div class="alert alert-info" role="alert"> Balloons: <?php $ds = DIRECTORY_SEPARATOR; if ($ds == "") { $ds = "/"; } $runtmp = $_SESSION["locr"] . $ds . "private" . $ds . "runtmp" . $ds . "run-contest" . $_SESSION["usertable"]["contestnumber"] . "-site" . $_SESSION["usertable"]["usersitenumber"] . "-user" . $_SESSION["usertable"]["usernumber"] . ".php"; $doslow = true; if (file_exists($runtmp)) { if (($strtmp = file_get_contents($runtmp, FALSE, NULL, -1, 1000000)) !== FALSE) { $postab = strpos($strtmp, "\t"); $conf = globalconf(); $strcolors = decryptData(substr($strtmp, $postab + 1, strpos($strtmp, "\n") - $postab - 1), $conf['key'], ''); $doslow = false; $rn = explode("\t", $strcolors); $n = count($rn); for ($i = 1; $i < $n - 1; $i++) { echo "<img alt=\"" . $rn[$i] . "\" width=\"10\" " . "src=\"" . balloonurl($rn[$i + 1]) . "\" />\n"; $i++; } } else { unset($strtmp); } } if ($doslow) { $run = DBUserRunsYES($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"]); $n = count($run); for ($i = 0; $i < $n; $i++) {
function getMainXML($username, $sess, $pass, $pass2) { $c = DBConnect(); if ($c == null) { return array(false, ""); } $contest = $_SESSION["usertable"]["contestnumber"]; $r = DBExec($c, "select * from contesttable where contestnumber={$contest}"); if (DBnLines($r) == 0) { echo "Unable to find the contest {$contest} in the database.\n"; exit; } $ct = DBRow($r, 0); $localsite = $ct["contestlocalsite"]; $mainsite = $ct["contestmainsite"]; $siteurl = $ct['contestmainsiteurl'] . '/site/get.php'; // if ($mainsite==$localsite) return array(true,""); /* $r = DBExec($c, "select * from sitetable where sitenumber=".$mainsite." and contestnumber=$contest"); if (DBnLines($r)==0) { echo "Unable to find the main site in the database (site=$mainsite, contest=$contest).\n"; exit; } $st = DBRow($r,0); $siteurl = $st["siteip"] . '/site/get.php'; */ if (substr($siteurl, 0, 7) != 'http://') { $siteurl = 'http://' . $siteurl; } if ($sess == '') { // MSGError('session empty'); $s = file_get_contents($siteurl); if ($s === false) { return array(false, '', ''); } // MSGError($s); $t = strtok($s, " \t"); while ($t !== false && substr($t, 0, 8) != '<SESSION' && substr($t, 0, 6) != '<ERROR' && $t != '<OK>' && $t != '<NOTOK>') { echo $t . " "; $t = strtok(" \t"); } if ($t === false) { return array(false, '', ''); } echo $t . " -->\n"; if (substr($t, 0, 8) == '<SESSION') { $id = strtok(" \t"); return array(false, $id, $id); } else { return array(false, '', ''); } } if ($pass == $pass2) { // MSGError('equal'); $opts = array('http' => array('method' => 'GET', 'header' => 'Cookie: PHPSESSID=' . $sess)); $context = stream_context_create($opts); $s = file_get_contents($siteurl . '?name=' . $username . '&password='******'&check=nocheck', 0, $context); } else { $data = encryptData(generateXML($contest), myhash($pass2)); $data_url = http_build_query(array('xml' => $data, 'name' => $username, 'password' => $pass, 'check' => myhash($pass . $pass2))); $opts = array('http' => array('method' => 'POST', 'header' => 'Cookie: PHPSESSID=' . $sess . "\r\nContent-Type: application/x-www-form-urlencoded", 'content' => $data_url)); $context = stream_context_create($opts); $s = file_get_contents($siteurl, 0, $context); } if ($s === false) { return array(false, "", ''); } // MSGError('OPA1: ' . $s); $t = strtok($s, " \t"); while ($t !== false && substr($t, 0, 8) != '<SESSION' && substr($t, 0, 6) != '<ERROR' && $t != '<OK>' && $t != '<NOTOK>') { echo $t . " "; $t = strtok(" \t"); } if ($t === false) { return array(false, '', ''); } echo $t . " -->\n"; if (substr($t, 0, 6) == "<ERROR") { $id = strtok(" \t"); if ($id === false) { return array(false, '', ''); } return array(false, $id, ""); } if (substr($t, 0, 8) == "<SESSION") { $id = strtok(" \t"); if ($id === false) { return array(false, '', ''); } $idextra = strtok(" \t"); if ($idextra === false) { return array(false, '', ''); } // MSGError("id=$id idextra=$idextra"); return array(false, $id, $idextra); } $id = strtok(" \t"); if ($id === false) { return array(false, '', ''); } //MSGError('OPA2: ' . $s); if ($pass2 != '') { $s = decryptData($id, myhash($pass2)); } if (strtoupper(substr($s, 0, 5)) != "<XML>") { return array(false, '', $t); } return array(true, $s, $t); }
echo "<script>window.close();</script></html>"; exit; } ob_end_flush(); // echo "</pre>\n"; DB_lo_close($lo); if ($msg != '') { // echo " <a href=\"#\" onClick=\"window.print()\"><h1>".$_GET["msg"]."</h1></a>"; echo "\n\n\n" . $msg . "\n"; echo $msg . "\n"; echo $msg . "\n"; } DBExec($c, "commit work"); DBClose($c); } else { header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); if (($str = file_get_contents($fname)) === false) { header("Content-type: text/html"); echo "<html><head><title>View Page</title>"; MSGError("Unable to open file (" . basename($fname) . ")"); LOGError("Unable to open file (" . basename($fname) . ")"); echo "<script>window.close();</script></html>"; exit; } header("Content-type: text/plain"); echo decryptData($str, $cf["key"]); ob_end_flush(); }
<?php require_once "../boot.php"; // Main $supporters = $_REQUEST['supporters']; unset($_REQUEST['supporters']); #DEAL WITH USER PW CRAP $sql = 'select * from users where campaign_manager_KEY = ' . $_REQUEST['campaign_manager_KEY']; $R = $db->Execute($sql) or die($db->errorMsg() . $sql); $r = $R->FetchRow(); $user = decryptData(AUTH_KEY, $r['ms_exchange_auth']); $pw = decryptData(AUTH_KEY, $r['ms_exchange_pass']); $x = 0; foreach ($supporters as $key) { $x++; send_email_exchange($user, $pw, $key, $_REQUEST); } // Functions function decryptData($key, $data) { $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($data), MCRYPT_MODE_ECB, $iv), ""); } function send_email_exchange($user, $pw, $supporter_KEY, $contact_array) { global $db; $sql = 'select Email,First_Name, Last_Name from supporter where supporter_KEY =' . $supporter_KEY; $S = $db->Execute($sql) or die($db->errorMsg()); $s = $S->FetchRow(); $contact_array['supporter_KEY'] = $supporter_KEY;
ForceLoad($runteam); } if (isset($_POST['name']) && $_POST['name'] != '') { echo "RESULT: PARAMETERS MISSING"; exit; } $runtmp = $_SESSION["locr"] . $ds . "private" . $ds . "runtmp" . $ds . "run-contest" . $_SESSION["usertable"]["contestnumber"] . "-site" . $_SESSION["usertable"]["usersitenumber"] . "-user" . $_SESSION["usertable"]["usernumber"] . ".php"; $redo = TRUE; if (!isset($_SESSION['forceredo']) || $_SESSION['forceredo'] == false) { $actualdelay = 30; if (file_exists($runtmp)) { if (isset($strtmp) || ($strtmp = file_get_contents($runtmp, FALSE, NULL, -1, 1000000)) !== FALSE) { list($d) = sscanf($strtmp, "%*s %d"); if ($d > time() - $actualdelay) { $conf = globalconf(); $strtmp = decryptData(substr($strtmp, strpos($strtmp, "\n") + 1), $conf["key"], 'runtmp'); if ($strtmp !== false) { $redo = FALSE; } } } } } if ($redo) { $_SESSION["popuptime"] = time(); $_SESSION['forceredo'] = false; if (($st = DBSiteInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"])) == null) { ForceLoad("../index.php"); } $strtmp = "<br>\n<table width=\"100%\" border=1>\n <tr>\n <td><b>Run #</b></td>\n<td><b>Time</b></td>\n" . " <td><b>Problem</b></td>\n <td><b>Language</b></td>\n <td><b>Answer</b></td>\n <td><b>File</b></td>\n </tr>\n"; $strcolors = "0";
ForceLoad("user.php"); } $dd = 0; foreach ($ar as $val => $key) { $key = trim($key); if ($key == '') { unset($ar[$val]); continue; } if (substr($key, 10, 5) != '#####') { MSGError('Invalid key in the file -- not importing any keys'); $dd = 0; break; } if (isset($param['unlockkey']) && $param['unlockkey'] != '') { $pass = decryptData(substr($key, 15), $param['unlockkey'], 'includekeys'); if (substr($pass, 0, 5) != '#####') { MSGError('Invalid key in the file -- not importing any keys'); $dd = 0; break; } } $ar[$val] = $key; $dd++; } if ($dd > 0) { $param['keys'] = implode(',', $ar); MSGError(count($ar) . ' keys are being imported from the file'); DBClearProblemTmp($_SESSION["usertable"]["contestnumber"]); } }
} } $strtmp .= " <td nowrap>" . $score[$e]["totalcount"] . " (" . $score[$e]["totaltime"] . ")</td>\n"; $strtmp .= " </tr>\n"; $n++; } } $strtmp .= "</table>"; if ($n == 0) { $strtmp .= "<br><center><b><font color=\"#ff0000\">SCOREBOARD IS EMPTY</font></b></center>"; } else { if (!$des) { if ($level > 0) { $strtmp .= "<br><font color=\"#ff0000\">P.S. Problem names are hidden.</font>"; } else { $strtmp .= "<br><font color=\"#ff0000\">P.S. Problem data are hidden.</font>"; } } } $conf = globalconf(); $strtmp = "<!-- " . time() . " --> <?php exit; ?>\n" . encryptData($strtmp, $conf["key"], false); if (file_put_contents($scoretmp, $strtmp, LOCK_EX) === FALSE) { if ($_SESSION["usertable"]["usertype"] == 'admin') { MSGError("Cannot write to the score cache file -- performance might be compromised"); } LOGError("Cannot write to the " . $_SESSION["usertable"]["usertype"] . "-score cache file -- performance might be compromised"); } $conf = globalconf(); $strtmp = decryptData(substr($strtmp, strpos($strtmp, "\n")), $conf["key"]); } echo $strtmp;
} $c = DBConnect(); DBExec($c, "begin work", "Autojudging(exporttransaction)"); if (DB_lo_export($contest, $c, $run["sourceoid"], $dir . $ds . $run["sourcename"]) === false) { DBExec($c, "rollback work", "Autojudging(rollback-source)"); LogLevel("Autojudging: Unable to export source file (run={$number}, site={$site}, contest={$contest})", 1); echo "Error exporting source file {$run["sourcename"]} (contest={$contest}, site={$site}, run={$number})\n"; DBGiveUpRunAutojudging($contest, $site, $number, $ip, "error: unable to export source file"); DBExec($c, "commit", "Autojudging(exportcommit)"); continue; } if (is_readable($cache . $ds . $run["inputoid"] . "." . $run["inputname"])) { DBExec($c, "commit", "Autojudging(exportcommit)"); echo "Getting problem package file from local cache: " . $cache . $ds . $run["inputoid"] . "." . $run["inputname"] . "\n"; $s = file_get_contents($cache . $ds . $run["inputoid"] . "." . $run["inputname"]); file_put_contents($dir . $ds . $run["inputname"], decryptData($s, $key)); $basename = $basenames[$run['inputoid'] . "." . $run["inputname"]]; } else { echo "Downloading problem package file from db into: " . $dir . $ds . $run["inputname"] . "\n"; if (DB_lo_export($contest, $c, $run["inputoid"], $dir . $ds . $run["inputname"]) === false) { DBExec($c, "rollback work", "Autojudging(rollback-input)"); LogLevel("Autojudging: Unable to export problem package file (run={$number}, site={$site}, contest={$contest})", 1); echo "Error exporting problem package file {$run["inputname"]} (contest={$contest}, site={$site}, run={$number})\n"; DBGiveUpRunAutojudging($contest, $site, $number, $ip, "error: unable to export problem package file"); DBExec($c, "commit", "Autojudging(exportcommit)"); continue; } DBExec($c, "commit", "Autojudging(exportcommit)"); @chmod($dir . $ds . $run["inputname"], 0600); @chown($dir . $ds . $run["inputname"], "root"); echo "Problem package downloaded -- running init scripts to obtain limits and other information\n";
exit("cannot open <{$archive_file_name}>\n"); } foreach ($file_names as $files) { $zip->addFile($file_path . $files, $files); echo "<br>" . $file_path . $files; echo "<br>" . $files; } if ($zip->close() === false) { exit("Error creating ZIP file : " . $archive_file_name); } $downloadBothMMEndTime = microtime(true); $totalBothMMDownloadTime = $downloadBothMMEndTime - $downloadBothMMStartTime; $_SESSION['BothMMDownload_time'] = $totalBothMMDownloadTime; if (file_exists($archive_file_name)) { header("Content-Description: File Transfer"); header("Content-type: application/zip"); header("Content-Disposition: attachment; filename={$archive_file_name}"); header("Pragma: no-cache"); header("Expires: 0"); readfile($archive_file_name); ob_clean(); flush(); exit; } else { exit("Could not find Zip file to download"); } } decryptData($contents, $filename, $name, $downloadBothMMStartTime); } else { echo "\n\t\t\t<html>\n\t\t\t\t<head>\n\t\t\t\t\t<link type='text/css' href='style.css' rel='stylesheet' />\n\t\t\t\t</head>\n\t\t\t\t<body>\n\t\t\t\t\t<center>\n\t\t\t\t\t\t<h1>Wrong Token</h1>\n\t\t\t\t\t\t<br /><br />\n\t\t\t\t\t\t<a href='enterTokenBothMM.php'>Try Again</a>\n\t\t\t\t\t\t<br /><br />\n\t\t\t\t\t\t<a href='menu.php'>Back to Main Menu</a>\n\t\t\t\t\t\t<br /><br />\n\t\t\t\t\t\t<a href='logout.php'>Logout</a>\n\t\t\t\t\t</center>\n\t\t\t\t</body>\n\t\t\t</html>"; }
function getContinuationsData($data) { global $user, $continuationid; if (array_key_exists('continuation', $_POST)) { $edata = urldecode($data); } else { $edata = $data; } if (!($ddata = decryptData($edata))) { return array('error' => 'invalid input'); } $items = explode(':', $ddata); $now = time(); $continuationid = $items[1]; # validate input if (count($items) != 4 || !preg_match('/^[0-9a-fA-F]+$/', $continuationid) || !is_numeric($items[2]) || !is_numeric($items[3]) || $items[3] > $now) { return array('error' => 'invalid input'); } # get continuation $query = "SELECT UNIX_TIMESTAMP(expiretime) AS expiretime, " . "frommode, " . "tomode, " . "data, " . "multicall, " . "deletefromid " . "FROM continuations " . "WHERE id = '{$continuationid}' AND " . "userid = {$items[2]}"; $qh = doQuery($query, 101); # return error if it is not there if (!($row = mysql_fetch_assoc($qh))) { return array('error' => 'continuation does not exist'); } # return error if it is expired if ($row['expiretime'] < $now) { $query = "DELETE FROM continuations " . "WHERE id = '{$row['deletefromid']}' AND " . "userid = {$items[2]}"; doQuery($query, 101, 'vcl', 1); return array('error' => 'expired'); } # remove if multicall is 0 if ($row['multicall'] == 0) { $query = "DELETE FROM continuations " . "WHERE id = '{$row['deletefromid']}' AND " . "userid = {$items[2]}"; doQuery($query, 101, 'vcl', 1); } return array('frommode' => $row['frommode'], 'nextmode' => $row['tomode'], 'userid' => $items[2], 'data' => unserialize($row['data'])); }
} $acr['CONTESTREC'] = array('number' => -1, 'name' => -1, 'startdate' => -1, 'duration' => -1, 'lastmileanswer' => -1, 'lastmilescore' => -1, 'localsite' => -1, 'penalty' => -1, 'maxfilesize' => -1, 'updatetime' => -1); if ($localsite > 0) { $acr['CONTESTREC']['localsite'] = "" . $localsite; } $acr['ANSWERREC'] = array('number' => -1, 'name' => -1, 'yes' => -1, 'updatetime' => -1); $acr['LANGUAGEREC'] = array('number' => -1, 'name' => -1, 'filepath' => -1, 'filename' => -1, 'comppath' => -1, 'compname' => -1, 'problemnumber' => -1, 'updatetime' => -1); $acr['PROBLEMREC'] = array('number' => -1, 'name' => -1, 'fullname' => -1, 'basename' => -1, 'inputfilename' => -1, 'inputfilepath' => -1, 'solfilename' => -1, 'solfilepath' => -1, 'descfilename' => -1, 'descfilepath' => -1, 'tl' => -1, 'colorname' => -1, 'color' => -1, 'fake' => -1, 'updatetime' => -1); $acr['SITETIME'] = array('site' => -1, 'start' => -1, 'enddate' => -1, 'updatetime' => -1); $acr['SITEREC'] = array('sitenumber' => -1, 'site' => -1, 'number' => -1, 'sitename' => -1, 'siteip' => -1, 'siteduration' => -1, 'sitelastmileanswer' => -1, 'sitelastmilescore' => -1, 'sitejudging' => -1, 'sitetasking' => -1, 'siteautoend' => -1, 'siteglobalscore' => -1, 'siteactive' => -1, 'sitescorelevel' => -1, 'sitepermitlogins' => -1, 'siteautojudge' => -1, 'sitenextuser' => -1, 'sitenextclar' => -1, 'sitenextrun' => -1, 'sitenexttask' => -1, 'sitemaxtask' => -1, 'sitechiefname' => -1, 'updatetime' => -1); $acr['USERREC'] = array('site' => -1, 'user' => -1, 'number' => -1, 'username' => -1, 'updatetime' => -1, 'usericpcid' => -1, 'userfull' => -1, 'userdesc' => -1, 'type' => -1, 'enabled' => -1, 'multilogin' => -1, 'userip' => -1, 'userlastlogin' => -1, 'userlastlogout' => -1, 'permitip' => -1); if (strtoupper(substr($ar, 0, 5)) != '<XML>' && isset($_POST['password']) && strlen($_POST['password']) > 20) { echo "<br>Starting to create the contest<br>"; $str = strtok($ar, " \n\t"); $str = strtok(" \n\t"); $ar = decryptData($str, $_POST['password'], 'importxml'); if (strtoupper(substr($ar, 0, 5)) != '<XML>') { echo "<br>Error decrypting file. Import aborted.<br>"; echo "</body></html>"; exit; } } if (strtoupper(substr($ar, 0, 5)) == '<XML>') { echo "<br>File has been loaded.<br>"; // echo "<pre>\n$ar</pre>\n"; if (!importFromXML($ar, $acr, 0, $localsite)) { echo "<br>Error during updating of the local database.<br>"; } echo "</body></html>"; exit; } else {
} $scores = array_unique(array_merge($scores, $judges)); if (in_array(0, $scores)) { $scores = null; } $tasks = explode(",", $siteinfo['sitetasking']); if (count($tasks) == 0 || count($tasks) == 1 && !is_numeric($tasks[0])) { $tasks = array($fromsite); } } else { echo "<!-- <ERROR9> " . session_id() . " " . session_id() . " -->\n"; exit; } if (isset($_POST) && isset($_POST['xml'])) { // $fp=fopen('/tmp/aaa',"w"); fwrite($fp,$_POST['xml']); fclose($fp); $s = decryptData(rawurldecode($_POST['xml']), myhash($_SESSION["usertable"]["userpassword"])); // $fp=fopen('/tmp/aaa1',"w"); fwrite($fp,$s); fclose($fp); $ac = array(); $ac['SITEREC'] = array('site' => $fromsite, 'sitenumber' => 0, 'number' => 0, 'sitename' => 0, 'siteip' => 0, 'siteduration' => 0, 'sitelastmileanswer' => 0, 'sitelastmilescore' => 0, 'siteautoend' => 0, 'siteactive' => 0, 'sitescorelevel' => 0, 'sitepermitlogins' => 0, 'siteautojudge' => 0, 'sitenextuser' => 0, 'sitenextclar' => 0, 'sitenextrun' => 0, 'sitenexttask' => 0, 'sitemaxtask' => 0, 'sitechiefname' => 0, 'updatetime' => 0); $ac['SITETIME'] = array('site' => $fromsite, 'number' => 0, 'start' => 0, 'enddate' => 0, 'updatetime' => 0); $ac['USERREC'] = array('site' => $fromsite, 'user' => 0, 'number' => 0, 'username' => 0, 'usericpcid' => 0, 'userfull' => 0, 'userdesc' => 0, 'type' => 0, 'enabled' => 0, 'multilogin' => 0, 'userip' => 0, 'userlastlogin' => 0, 'userlastlogout' => 0, 'permitip' => 0, 'updatetime' => 0); $ac['CLARREC'] = array('site' => $judges, 'user' => 0, 'number' => 0, 'problem' => 0, 'question' => 0, 'clarnumber' => 0, 'clardate' => 0, 'clardatediff' => 0, 'clardatediffans' => 0, 'claranswer' => 0, 'clarstatus' => 0, 'clarjudge' => 0, 'clarjudgesite' => 0, 'updatetime' => 0); $ac['RUNREC'] = array('site' => $judges, 'user' => 0, 'number' => 0, 'runnumber' => 0, 'problem' => 0, 'lang' => 0, 'filename' => 0, 'filepath' => 0, 'rundate' => 0, 'rundatediff' => 0, 'rundatediffans' => 0, 'runanswer' => 0, 'runstatus' => 0, 'runjudge' => 0, 'runjudgesite' => 0, 'runjudge1' => 0, 'runjudgesite1' => 0, 'runanswer1' => 0, 'runjudge2' => 0, 'runjudgesite2' => 0, 'runanswer2' => 0, 'autoip' => 0, 'autobegindate' => 0, 'autoenddate' => 0, 'autoanswer' => 0, 'autostdout' => 0, 'autostderr' => 0, 'updatetime' => 0); $ac['TASKREC'] = array('site' => $tasks, 'user' => 0, 'desc' => 0, 'number' => 0, 'tasknumber' => 0, 'color' => 0, 'colorname' => 0, 'updatetime' => 0, 'filename' => 0, 'filepath' => 0, 'sys' => 0, 'status' => 0, 'taskdate' => 0, 'taskdatediff' => 0, 'taskdatediffans' => 0, 'taskstaffnumber' => 0, 'taskstaffsite' => 0); if (importFromXML($s, $ac, $_SESSION["usertable"]["contestnumber"])) { echo "<!-- <OK> -->"; } else { echo "<!-- <NOTOK> -->"; } } $xml = generateXML($_SESSION["usertable"]["contestnumber"], 0, $scores);
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $crypttext, MCRYPT_MODE_ECB, $iv); //writing to file filename.txt.decrypt $myfile = fopen("C:\\xampp\\htdocs\\BEPROJECT\\Html\\Decrypt/" . $name . ".decrypt", "w") or die("Unable to open file!"); fwrite($myfile, $decrypttext); download($name . '.decrypt', $downloadTextStartTime); fclose($myfile); } function download($filename, $downloadTextStartTime) { $absoluteFileName = "C:\\xampp\\htdocs\\BEPROJECT\\Html\\Decrypt/" . $filename; $downloadTextEndTime = microtime(true); $totalTextDownloadTime = $downloadTextEndTime - $downloadTextStartTime; $_SESSION['textDownload_time'] = $totalTextDownloadTime; if (file_exists($absoluteFileName)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename=' . basename($absoluteFileName)); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($absoluteFileName)); readfile($absoluteFileName); exit; } } decryptData($contents, $filename, $name, $downloadTextStartTime); } else { echo "\n\t\t\t<html>\n\t\t\t\t<head>\n\t\t\t\t\t<link type='text/css' href='style.css' rel='stylesheet' />\n\t\t\t\t</head>\n\t\t\t\t<body>\n\t\t\t\t\t<center>\n\t\t\t\t\t\t<h1>Wrong Token</h1>\n\t\t\t\t\t\t<br /><br />\n\t\t\t\t\t\t<a href='enterTokenText.php'>Try Again</a>\n\t\t\t\t\t\t<br /><br />\n\t\t\t\t\t\t<a href='menu.php'>Back to Main Menu</a>\n\t\t\t\t\t\t<br /><br />\n\t\t\t\t\t\t<a href='logout.php'>Logout</a>\n\t\t\t\t\t</center>\n\t\t\t\t</body>\n\t\t\t</html>"; }
/** * 解析customerInfo。 * 为方便处理,encryptedInfo下面的信息也均转换为customerInfo子域一样方式处理, * @param unknown $customerInfostr * @return array形式ParseCustomerInfo */ function ParseCustomerInfo($customerInfostr) { $customerInfostr = base64_decode($customerInfostr); $customerInfostr = substr($customerInfostr, 1, strlen($customerInfostr) - 2); $customerInfo = parseQString($customerInfostr); if (array_key_exists("encryptedInfo", $customerInfo)) { $encryptedInfoStr = $customerInfo["encryptedInfo"]; unset($customerInfo["encryptedInfo"]); $encryptedInfoStr = decryptData($encryptedInfoStr); $encryptedInfo = parseQString($encryptedInfoStr); foreach ($encryptedInfo as $key => $value) { $customerInfo[$key] = $value; } } return $customerInfo; }
$ende = $_GET['ende']; } if (isset($_GET['format'])) { $format = $_GET['format']; } else { $format = 'HTML'; } $version = isset($_GET['version']) ? $_GET['version'] : 2; $target = isset($_GET['target']) ? $_GET['target'] : null; $stsem = isset($_GET['stsem']) ? $_GET['stsem'] : ''; $lva = isset($_GET['lva']) ? $_GET['lva'] : ''; if (isset($_GET["cal"])) { // Nicht authentifizierter Zugriff per Codierter UID // fuer Abonnierung im Google ueber /webdav/google.php $cal = $_GET["cal"]; $uid = decryptData($cal, LVPLAN_CYPHER_KEY); //Wenn der Key manuell geaendert wird koennen Fehlerhaft kodierte Zeichen //entstehen und fuehren zu DB fehlern deshalb werden falsch kodierte uids hier aussortiert if (!check_utf8($uid)) { die('Fehlerhafter Parameter'); } //Pruefen ob dieser Benutzer auch wirklich existiert $benutzer = new benutzer(); if (!$benutzer->load($uid)) { die('Ungueltiger Benutzername'); } //Output-Format wird auf ical geaendert $target = 'ical'; $format = 'ical'; } else { // UID bestimmen